Resource Transfer Flaw in Samsung Exynos Modem 5123 and 5300
CVE-2023-31114

9.1CRITICAL

Key Information:

Vendor: Samsung
Status: Exynos 5123 Firmware
Vendor: CVE Published:; 7 June 2023

What is CVE-2023-31114?

A flaw has been identified within the Shannon RCS component of the Samsung Exynos Modem 5123 and 5300. This vulnerability arises from incorrect resource transfers between operational spheres, which could allow a malicious application to unintentionally query the SIM status, potentially compromising user data and device security.

References

https://semiconductor.samsung.com/support/quality-support...

CVSS V3.1

Score:

9.1

Severity:

CRITICAL

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jun 7, 2023
Vulnerability Reserved
Apr 24, 2023